CVE-2014-9152 on Unsafe.dll dependency with Elastic Search

silo · February 27, 2024, 11:04am

https://nvd.nist.gov/vuln/detail/CVE-2014-9152

Hi, I have performed recent dependency scan and found the above CVE vulnerability is detected. As i am using Elastic Search .net dll in my project and this has indirect dependency with System.Runtime.CompilerServices.Unsafe.dll hence the CVE is being listed in the reported. We tried removing this Unsafe.dll but its affecting Elasticsearch. Even i tried uninstalling and re-installing Elastic Search .net dll but its also installing Unsafe.dll.

Seeking your advise on remediating this vulnerability.

Thanks in advance.

system · March 26, 2024, 11:04am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Vulnerability CVE-2020-13956 reported on Elasticsearch 7.17.4 Elasticsearch	5	342	July 18, 2022
Impact of CVE-2022-42889 on Elastic stack Elasticsearch	5	2371	November 21, 2022
CVE-2022-22965 vulnerability on Elastic Search or Kibana Elasticsearch	2	431	May 10, 2022
Discuss: Security Vulnerabilities: ESA-2023-14 - CVE-2023-31419 Elasticsearch	3	684	January 4, 2024
Vulnerabilities in docker image elasticsearch/elasticsearch:7.17.8 Elasticsearch docker	6	796	February 15, 2023

CVE-2014-9152 on Unsafe.dll dependency with Elastic Search

Related topics